advertisement

The world’s largest cryptocurrency exchange by trading volume, Binance, faced an embarrassing situation on July 3, 2018, as attackers took advantage of an API hack to sell a single Syscoin (SYS) for 96 bitcoins (BTC).

Binance API Attacked

Over a billion SYS were moved from a wallet, rumoured to be owned by Binance, after enterprising attackers took advantage of the exchange’s Application Programming Interface (API), which determines the protocol for facilitating the trading of listed cryptocurrencies.

Syscoin confirmed the fallacy in a tweet –

We are investigating a possible issue on the Syscoin blockchain, nothing is confirmed but we have asked for exchanges to halt trading while we investigate.

However, Bitcoin developer Jameson Lopp believes the attack is not an API issue:

“The hackers could have exploited a vulnerability in the blockchain’s protocol. Breaking the monetary supply rules for a cryptocurrency can’t be accomplished via a 51% attack; this indicates that a flaw has been found and exploited at the protocol level.”

Lopp made references to a similar issue in 2010 when Bitcoin was exploited to create 186 billion BTC.

Advertisement

advertisement

SYS-BTC Makes Outrageous Trades

After exploiting the API, the attackers sold a single SYS for 96 BTC or 623,000 at current exchange rates.

A look at the trading charts shows a large green spike after SYS went from a few cents to the mammoth valuation.

Despite the attack, speculative investors traded Syscoin on other exchanges and caused a pump in its price. The coin has surged by 85 percent and is the world’s 61st largest cryptocurrency at the time of press.

Media Rumors Blockchain Attack

After the development, several media outlets stated the Syscoin blockchain was compromised. However, this is untrue as the currency is “merged-mined” with Bitcoin and reaching a 51 percent hashrate on its protocol is not an instant task.

Simply put, the attackers got couple of API keys from different users, bought overpriced SYS and took created fake order books. In quick succession, and by presumably deploying liquidity bots, the attackers could reach the ultimate figure of 96 BTC/SYS.

There is no evidence of new coins created or a vulnerable blockchain. The billions of SYS moved were likely from a Binance wallet, which moved as the bots made trades.

DISCLAIMER: BTCManager.com is not a financial project and does not provide any investment services or represent anyone's interests other than its own. For basic information on this website we put our own knowledge about online payment methods, practical skills and years of experience. BTCManager website is offered to wide range of readers as a daily digest that focuses on issues and modern solutions in the practical application the main cryptocurrency and its derivatives. Among our main objectives is to popularize the use of cryptocurrency, explanation what cryptocurrencies are and how they play the role of payment instrument and means for safe storing and earnings, as well as providing the necessary knowledge, educational articles, information about upcoming events and conferences dedicated to the development of cryptocurrency. BTC Manager is not responsible for any results of your using the information from our website. BTCManager.com is not responsible for the content of external sites.